Fraud and abuse in EMR/EHR systems

The leadership of your organization is very concerned about fraud and abuse, particularly of their EMR/EHR systems. They have tasked you to head a research group of other clinic managers to research best practices in reviewing their current system, as well as looking at steps to protect the current system, or perhaps migrate to a new one, if needed. What would you recommend and why?